๐ Workflow Overview
Complete documentation of all 9 gem-ci workflows and their functionality
๐ฏ Workflow Architecture
gem-ci includes 9 comprehensive workflows that provide complete automation for Ruby gem development:
๐ Core Workflows
01 - Intake (01-intake.yml
)
Purpose: First contact and organization for issues and PRs
Triggers:
- Issues:
opened
,edited
,reopened
- Pull Requests:
opened
,edited
,reopened
,synchronize
- Push to:
.github/config/labels.yml
Key Features:
- ๐ท๏ธ Label Synchronization: Syncs repository labels from config
- ๐ค Auto-labeling: Automatically labels PRs based on file changes
- ๐ Welcome Messages: Greets first-time contributors
- ๐ PR Size Detection: Labels PRs by size (XS, S, M, L, XL)
Dependencies: GitHub App authentication
02 - CI (02-ci.yml
)
Purpose: Continuous Integration with tests, linting, and builds
Triggers:
- Push/PR to:
main
,master
Key Features:
- ๐งช Ruby 3.3 Testing: Optimized single-version testing
- ๐๏ธ Gem Building: Automated gem packaging
- ๐ Parallel Jobs: Lint, security, docs in parallel
- ๐ Performance Tracking: Workflow duration monitoring
- ๐ PR Status Updates: Contributes to consolidated PR dashboard
Cost Optimization: Ubuntu-only runners, Ruby 3.3 only
03 - Security (03-security.yml
)
Purpose: Comprehensive security scanning and vulnerability detection
Triggers:
- Push/PR to:
main
,master
- Schedule: Weekly Wednesday 2 AM UTC
Key Features:
- ๐ CodeQL Analysis: Static code analysis
- ๐ก๏ธ Dependency Scanning: Vulnerability detection in dependencies
- ๐ Secret Scanning: Git history secret detection
- ๐ฆ Bundle Audit: Ruby gem vulnerability scanning
- ๐ PR Status Updates: Contributes to consolidated PR dashboard
Cost Optimization: Reduced from daily to weekly
04 - Quality (04-quality.yml
)
Purpose: Code quality enforcement and documentation
Triggers:
- Push/PR to:
main
,master
Key Features:
- ๐ Focused Linting: Custom YAML/JSON/Markdown validation
- ๐ RuboCop Analysis: Ruby code style enforcement
- ๐ Documentation Generation: YARD API documentation
- ๐ Complexity Analysis: Code complexity reporting
- ๐ PR Status Updates: Contributes to consolidated PR dashboard
Performance Improvement: Replaced super-linter with focused custom linting (~70% faster)
05 - Community (05-community.yml
)
Purpose: Community management and engagement
Triggers:
- Issues:
opened
,edited
,closed
,reopened
- Pull Requests:
opened
,closed
- Schedule: Weekly Tuesday 1 AM UTC
Key Features:
- ๐งน Stale Management: Automated stale issue/PR cleanup
- ๐ฅ Contributor Recognition: Achievement badges for contributors
- ๐ Community Health: Health metrics and reporting
- ๐ท๏ธ Smart Labeling: Context-aware issue labeling
Cost Optimization: Reduced from daily to weekly
06 - Release (06-release.yml
)
Purpose: Automated releases and publishing
Triggers:
- Push to:
main
,master
- Manual dispatch with release type selection
Key Features:
- ๐ฏ Release Please: Automated semantic versioning
- ๐ Gem Building: Automated gem packaging
- ๐ Security Scanning: Pre-release security validation
- ๐ฆ RubyGems Publishing: Automated gem publishing
- ๐ GitHub Releases: Automated release notes
- ๐ข Notifications: Slack release announcements
Dependencies: RubyGems API key, release environment
07 - Ecosystem (07-ecosystem.yml
)
Purpose: Ecosystem health and compatibility monitoring
Triggers:
- Push to:
main
,master
- Release events
- Schedule: Bi-weekly Sunday 3 AM UTC
Key Features:
- ๐ฆ Dependency Health: Outdated dependency reporting
- ๐งช Compatibility Matrix: Ruby version compatibility testing
- โก Performance Benchmarks: Release performance validation
- ๐ Documentation Links: Link health checking
- ๐ Health Issues: Automated health issue creation/updates
Cost Optimization: Reduced from weekly to bi-weekly, Ruby 3.3 only
08 - Monitoring (08-monitoring.yml
)
Purpose: Performance monitoring and health tracking
Triggers:
- Push/PR to:
main
,master
- Schedule: Weekly Monday 4 AM UTC
Key Features:
- ๐ Workflow Metrics: Performance and success tracking
- ๐ Action Analysis: Basic workflow health monitoring
- ๐ฅ Repository Health: Overall repository health checks
- ๐ Performance Summary: Automated performance reporting
Cost Optimization: Reduced from daily to weekly
09 - Bot Commands (09-bot-commands.yml
)
Purpose: Interactive bot commands for workflow management
Triggers:
- Issue comments containing
/gem-ci
Key Features:
- ๐ Release Management:
/gem-ci revise release minor to patch
- โ Release Cancellation:
/gem-ci cancel release
- ๐ Help System:
/gem-ci help
- ๐ค Interactive Responses: Emoji reactions and helpful messages
- โ ๏ธ Error Handling: Invalid command guidance
Dependencies: GitHub App authentication
๐ Complete Automation Tasks
Category | Task | Workflow | Action Used | Configuration |
---|---|---|---|---|
๐ CI/CD | Ruby testing | 02-ci.yml |
ruby/setup-ruby@v1 |
Ruby 3.3 (optimized) |
ย | Ubuntu testing | 02-ci.yml |
actions/checkout@v4 |
Ubuntu-latest (cost optimized) |
ย | Dependency caching | 02-ci.yml |
actions/cache@v3 |
Bundler cache |
ย | Test execution | 02-ci.yml |
Custom scripts | RSpec, Minitest |
ย | Coverage reporting | 04-quality.yml |
simplecov gem |
90% threshold |
๐ Security | CodeQL analysis | 03-security.yml |
github/codeql-action@v3 |
.github/config/codeql.yml |
ย | Dependency scanning | 03-security.yml |
actions/dependency-review-action@v4 |
Vulnerability detection |
ย | Secret scanning | 03-security.yml |
trufflesecurity/trufflehog@main |
Git history scan |
ย | Container scanning | 03-security.yml |
aquasecurity/trivy-action@master |
Dockerfile security |
ย | Bundle audit | 03-security.yml |
bundler-audit gem |
Gem vulnerabilities |
๐ Quality | Code linting | 04-quality.yml |
rubocop/rubocop-github-action@v0.1.0 |
RuboCop standards |
ย | Documentation | 04-quality.yml |
yard gem |
API documentation |
ย | Markdown linting | 04-quality.yml |
DavidAnson/markdownlint-cli2-action@v16 |
Markdown standards |
ย | Super linting | 04-quality.yml |
super-linter/super-linter@v5 |
Multi-language linting |
๐ท๏ธ Labels | Label sync | 01-intake.yml |
crazy-max/ghaction-github-labeler@v5 |
.github/config/labels.yml |
ย | Auto-labeling | 01-intake.yml |
actions/labeler@v5 |
.github/config/labeler.yml |
ย | Size labeling | 01-intake.yml |
Custom script | PR size detection |
๐ฅ Community | Welcome messages | 01-intake.yml |
actions/first-interaction@v1 |
First-time contributors |
ย | Stale management | 05-community.yml |
actions/stale@v9 |
60-day stale policy |
ย | Contributor recognition | 05-community.yml |
Custom script | Achievement badges |
ย | Health monitoring | 08-monitoring.yml |
Custom script | Community metrics |
๐ Release | Semantic versioning | 06-release.yml |
Custom script | Version bumping |
ย | Changelog generation | 06-release.yml |
Custom script | Auto-generated changelogs |
ย | RubyGems publishing | 06-release.yml |
ruby/setup-ruby@v1 |
Automated gem push |
ย | GitHub releases | 06-release.yml |
actions/create-release@v1 |
Release notes |
ย | Release notifications | 06-release.yml |
slackapi/slack-github-action@v1.27.0 |
Slack integration |
๐ฆ Dependencies | Dependency updates | Dependabot | GitHub native | .github/dependabot.yml |
ย | Security updates | Dependabot | GitHub native | Auto-merge safe updates |
ย | Version grouping | Dependabot | GitHub native | Development/testing groups |
๐ก๏ธ Protection | Branch protection | Rulesets | GitHub native | .github/config/rulesets/ |
ย | Tag protection | Rulesets | GitHub native | Release tag protection |
ย | Push restrictions | Rulesets | GitHub native | Development branch rules |
๐ข Notifications | Slack integration | Multiple | Custom shared action | SLACK_BOT_TOKEN + SLACK_CHANNEL_ID |
ย | PR Status Dashboard | Multiple | update-pr-status action |
Consolidated PR comments |
๐ค Bot Commands | Release management | 09-bot-commands.yml |
actions/github-script@v7 |
Slash commands |
ย | Help system | 09-bot-commands.yml |
actions/github-script@v7 |
Interactive help |
๐ Ecosystem | Dependency health | 07-ecosystem.yml |
Custom scripts | Bi-weekly checks |
ย | Compatibility matrix | 07-ecosystem.yml |
ruby/setup-ruby@v1 |
Ruby version testing |
ย | Performance benchmarks | 07-ecosystem.yml |
Custom benchmark scripts | Release validation |
๐ Monitoring | Workflow metrics | 08-monitoring.yml |
actions/github-script@v7 |
Weekly performance tracking |
ย | Repository health | 08-monitoring.yml |
Custom health checks | Automated health reports |
๐งช Validation | GitHub App setup | tests/validate-github-app.yml |
actions/create-github-app-token@v1 |
Token validation |
ย | Slack integration | tests/validate-slack-integration.yml |
slackapi/slack-github-action@v1.27.0 |
Message testing |
ย | Label sync | tests/validate-labels-sync.yml |
crazy-max/ghaction-github-labeler@v5 |
Configuration validation |
ย | Repository rulesets | tests/validate-repository-rulesets.yml |
Custom scripts | Ruleset validation |
๐ Workflow Dependencies
๐ Shared Actions
update-pr-status (.github/actions/update-pr-status
)
Purpose: Consolidated PR status comment management
Used By: CI, Security, Quality workflows
Features:
- ๐ Single PR status dashboard
- ๐ Smart comment updates (no spam)
- ๐ Direct links to workflow runs
- ๐ Status emoji indicators
Notification System (.github/workflows/shared/notification.yml
)
Purpose: Standardized Slack notifications
Used By: CI, Release, Quality workflows
Features:
- ๐ค Bot token authentication
- ๐จ Status-based color coding
- ๐ข Channel-specific notifications
- ๐ Structured message format
๐ฏ Key Optimizations Applied
Cost Reductions (~75-80% total savings)
- Ruby Versions: 3.3 only (50% reduction)
- Platforms: Ubuntu only (66% reduction)
- Schedules: Reduced frequency (85% reduction)
- Linting: Custom focused approach (70% faster)
Performance Improvements
- PR Comments: Single consolidated dashboard
- Parallel Execution: Optimized job dependencies
- Smart Caching: Efficient dependency caching
- Focused Linting: Targeted validation instead of super-linter
User Experience Enhancements
- Interactive Commands: Bot-driven workflow management
- Clear Status: Visual PR status dashboard
- Smart Notifications: Context-aware Slack messages
- Documentation: Comprehensive guides and examples
๐ Related Documentation
- CI Workflow Overview - Complete visual workflow lifecycle
- GitFlow Diagram - Visual branching model
- Local Testing Guide - Test workflows before deployment
- Bot Commands Guide - Interactive workflow management
- Customization Guide - Adapt workflows for your needs
Questions? Check our validation guide or open an issue for help.